Protected Disclosures Policy (Whistleblowing Policy)
Dublin City University (hereinafter referred to as ‘the University’) is committed to preserving the highest standards of integrity, transparency, probity and accountability, and recognises that both workers and students play a key role in achieving these aims. Wrongdoing such as corruption or malpractice, or the concealing of these, can have a devastating effect on our professional reputations, working relationships and morale. Often, workers and students can be the first to know when someone inside or connected with their organisation is involved in illegal or improper activity and practices, but often they may feel apprehensive about reporting their concerns. This may be because they feel that speaking up would be disloyal to their colleagues, or to the organisation itself, or because they may fear they will experience negative repercussions (i.e. that they will be victimised or penalised) as a result.
International best practice in corporate governance recommends that organisations put in place formal procedures whereby individuals can report such concerns. The University has therefore developed this Protected Disclosure Policy (also commonly referred to as a ‘Whistle Blowing’ Policy) and it is an integral component of the University’s risk management process. The University takes all wrongdoings very seriously, whether they be by University workers (including senior management), workers within the University’s subsidiary companies, by contractors, or by students. This policy sets out the University’s process by which concerns in relation to wrongdoings can be reported and dealt with in a clear, formal and safe manner.
The University recognises that workers and students have an important role to play in achieving this goal. The University will support workers and students who disclose information which they reasonably believe tends to show one or more wrongdoing(s) if it comes to their attention in a work/study related context. This policy also contains safeguards to deter mischievous reporting. In addition, the University’s Anti-Fraud Policy should also be read in conjunction with this policy.
The purpose of this policy is to encourage individuals to make a disclosure in respect of significant matters, and to provide protection for the person making the disclosure, if they reasonably believe that the information in the disclosure is substantially true.
This policy is intended to apply to major concerns that an individual may have regarding any aspect of the University’s activities, or the conduct of other members of the University community, that is not properly addressed within the scope of other University policies.
This policy aims to protect individuals from penalisation where they make a disclosure of information that comes to their attention in connection with their work or study at the University. This information may include, but is not limited to, investigation results, findings, opinions or information obtained during the course of the individual performing their work or studies. A protected disclosure under this policy involves the disclosure of information which an individual reasonably believes demonstrates a suspected wrongdoing or dangers at the University. A protected disclosure may include information in relation to:
- the commission of an offence;
- failure to comply with any legal obligation;
- miscarriages of justice;
- endangering of the health and safety of an individual;
- damage to the environment;
- unlawful or improper use of funds and/or resources of a public body, or of other public money;
- an act or omission of a public body which is oppressive, discriminatory, grossly negligent or constitutes gross mismanagement;
- a breach or omission that is unlawful and falls within the scope of certain EU legislation (e.g. Public Procurement, Data Privacy etc.) or
- the fact that information tending to show any matter falling within any of the above matters has been, is being or is likely to be concealed or destroyed.
If an individual has any genuine concerns related to suspected wrongdoing or danger affecting any of the University’s activities they should report it under this policy.
This policy should not be used for complaints relating to an individual’s personal circumstances or arising out of their work or studies with the University, such as the way they have been treated at work or in the course of their studies. In those cases the individual should use the University’s appropriate internal mechanism.
Matters concerning interpersonal grievances, exclusively affecting an individual making a report, are not considered a ‘wrongdoing’ for the purposes of this policy.
This policy is not designed to be used to re-open any matters that have been addressed under other University policies nor should it be viewed as an alternative to those procedures in respect of matters that would more appropriately be considered under them.
The aims of this policy are to:
- encourage Relevant Persons to report suspected wrongdoing as soon as possible, in the knowledge that their concerns will be taken seriously and investigated as appropriate;
- provide to Relevant Persons guidance as to how to raise those concerns; and
- reassure Relevant Persons that they should be able to raise genuine concerns without fear of reprisals.
For the purposes of this policy a ‘Relevant Person’ is defined as:
- any person who is working or has worked at or for the University and/or its wholly owned subsidiary companies (hereinafter referred to as ‘workers’);
- consultants, agency workers, individuals undergoing training, shareholders, board members (including non-executive members), job applicants and volunteers;
- all current and former students, full-time and part-time, of the University.
Employees of the University and its campus companies should note that this policy does not form part of any employee’s contract of employment and it may be amended at any time.
The University’s existing line management structures and systems of internal control, both financial and operational, are the normal and correct mechanisms to detect and/or draw attention to irregularities of all kinds.
However, it is recognized that it is good practice to create an alternative reporting line as a mechanism of last resort and in such instances this policy should apply.
Relevant Persons should be mindful of the fact that reporting provisions already exist in the following Irish legislation:
- Ethics in Public Office Acts 1995;
- Standards in Public Office Act 2001;
- Protections for Persons Reporting Child Abuse Act 1998;
- Competition Act 2002;
- Garda Síochána Act 2005;
- Safety Health and Welfare at Work Act 2005;
- Employment Permits Act 2006;
- Consumer Protection Act 2007;
- Health Act 2004;
- Communications Regulation Act 2002;
- Charities Act 2009; &
- Prevention of Corruption (Amendment) Act 2001.
This is a non-exhaustive list. Reporting protected disclosures is specifically addressed in the Protected Disclosures Act 2014 (the ‘2014 Act’) and this policy shall be regarded as an ‘internal procedure’ for the purposes of section 21 of the 2014 Act.
The Deputy–President, as Chair of the Protected Disclosures Group (the ‘PDG’), has overall responsibility for this policy, and for reviewing the effectiveness of actions taken in response to concerns arising under this policy.
All disclosures under this policy should be made to the relevant recipient as identified below. As stated above however, this alternative reporting line should be treated as a last resort and the University’s existing line management structures and systems of internal control, both financial and operational, are the normal and correct mechanisms to detect and/or draw attention to irregularities of all kinds.
Recipient for workers
A worker should raise their concerns with their line manager, Head of School or Unit.
If for any reasonable grounds the worker does not wish to report to their line manager, Head of Unit or Head of School, the worker may escalate the reporting in the following manner:
- Executive Dean or Director of Human Resources;
- President, if for any reason the worker does not wish to report the matter to the Executive Dean or Director of Human Resources; or
- Chancellor of the University, if for any reason the worker does not wish to report the matter to the President of the University.
Workers must exercise discretion and commit to keeping the reporting and investigation process confidential.
Recipient for students
A student should raise their concerns with their Head of School.
If for any reasonable grounds a student does not wish to report to their Head of School, the student may escalate the reporting in the following manner:
- Executive Dean;
- Vice-President Academic Affairs/Registrar, if for any reason a student does not wish to report the matter to the Executive Dean;
- President, if for any reason a student does not wish to report the matter to the Vice-President Academic Affairs/Registrar; or
- Chancellor of the University, if for any reason a student does not wish to report the matter to the President.
Students must exercise discretion and commit to keeping the reporting and investigation process confidential.
Recipient for any other person, other than a worker or student, who falls within the scope of this policy
- the Chief Operations Officer where appropriate;
- the President where disclosures relate to any officer with a role under this policy; or
- the Chancellor of the University where disclosures relate to the President.
Any other person raising a concern must exercise discretion and commit to keeping the reporting and investigation process confidential.
Where the Relevant Person is employed by the University, the Relevant Person can make a disclosure to the Minister for Higher, Further Education, Research, Innovation and Skills (DFHERIS).
Concerns raised under this policy will usually relate to the conduct of University employees, but they may sometimes relate to the actions of a third party, such as a supplier or service provider. In some circumstances, the law may protect a Relevant Person if he/she raises the matter with the third party directly. However, the University encourages Relevant Persons to report such concerns internally and they should firstly contact the relevant recipient identified above for guidance.
All disclosures by the Relevant Person to the University recipient should be made in writing. The Relevant Person will need to be able to demonstrate and support the reasons for their concerns and provide evidence of their concerns where such evidence is available.
Any reports setting out an individual’s concerns should be factual (to the best of their knowledge) and should address the following key points to the extent that such information is known to the individual in relation to a wrongdoing that has occurred, is occurring or is likely to occur:
- what has occurred (or is thought to have occurred)
- when it occurred
- where it occurred
- who was involved
- has the University been put at risk or suffered a loss as a result?
- has it happened before?
- has it been raised with anyone else either within the University or externally? If so, details of when/whom
- are there any other witnesses?
- is there any supporting information or documentation? &
- how did the matter came to light.
The University hopes that Relevant Persons will feel able to voice concerns openly under this policy. The University will take all reasonable steps to protect the identity of the Relevant Person and will not disclose any information that might identify the Relevant Person, and the person(s) concerned (i.e. the person who is referred to in a protected disclosure as potentially involved in the wrongdoing) beyond those authorised to receive and follow-up on the disclosure.
However, the identity of the Relevant Person may need to be disclosed:
- for the effective investigation of the disclosure;
- to prevent serious risk to security of the State, public health, public safety or the environment;
- for the prevention, investigation or prosecution of a crime;
- where disclosure is necessary in the public interest; or
- it is required by law.
This is a non-exhaustive list. Note that the University cannot guarantee full anonymity, as the law may (in the circumstances already described) require the University to reveal the identity of a Relevant Person. This is in line with both applicable law and international best practice.
A Relevant Person is encouraged to identify themselves when making a disclosure, whenever possible. The University shall not generally investigate anonymous disclosures but such disclosures may be considered at the discretion of the University. When exercising this discretion, the University shall take into account the seriousness of the issues raised, the credibility of the concern and the capacity of the University to investigate an anonymous allegation. Any individual who subsequently identifies themselves as the discloser will be afforded protection under this policy.
Upon receipt of any disclosure in writing that is made under this policy, the recipient shall pass the information to the Deputy-President, Chair of the PDG. Concerns of the Relevant Person may be raised verbally by the recipient but should subsequently be confirmed in writing to the Deputy-President as soon as is reasonably practicable thereafter.
The PDG shall be responsible for the assessment and investigation of all disclosures in a timely and appropriate manner. The initial report of potential wrong doing will be acknowledged by the PDG in writing to the Relevant Person within seven days of receipt. Additional feedback will be provided to the Relevant Person within a reasonable period not exceeding three months from the date of receipt and, if necessary, at three month intervals thereafter until such time as the procedure relating to the report is closed.
Membership of the PDG may include the following:
- Deputy President (Chair)
-
Chief Operations Officer
-
One of the following depending on the allegation:
- Academic matters- the Vice-President for Academic Affairs/Registrar;
- Research matters - the Vice-President of Research and Innovation;
- Financial matters - Finance Director; or
- Any other member of the senior management team.
A member of the PDG will be nominated by it to carry out an initial assessment of the disclosure to determine whether it falls within the scope of this policy and whether it is necessary to carry out an investigation into the disclosure. That member will communicate the outcome of the assessment to the recipient.
The recipient to whom the original written disclosure was made shall, where appropriate, communicate to the Relevant Person as soon as reasonably practicable whether the matter shall be investigated further and what action has been taken or whether no action is to be taken.
If the PDG decides that the disclosure falls within this policy and that it must be investigated, the scope and terms of reference of any investigation will be determined prior to the investigation being carried out. The PDG will appoint persons from within the PDG to carry out the investigation but such persons may be assisted by persons outside of the PDG. The member of the PDG who carries out the investigation will not have been previously involved at the assessment stage. In the course of the investigation the Relevant Person may be required to attend meetings in order to provide further information to the PDG. The member of the PDG will draft a report on their investigation.
In some instances, the PDG may at its discretion appoint an external third party to investigate the matter in circumstances where the third party has relevant and necessary specialised knowledge of the subject matter.
The investigator’s report will be sent to a member of the PDG who was not involved at the assessment or investigation stage and this member will determine what, if any, action should be taken by the University. Such action could include changes to the way the University conducts its operations, disciplinary action (following the application of the appropriate disciplinary procedure), referral of the matter for consideration under a specific University policy or procedure, or a report to an appropriate third party, such as An Garda S?ochána.
The PDG will endeavour to keep the Relevant Person who made the disclosure informed of the progress of the investigation and its likely timescale. However, sometimes the need for confidentiality or to facilitate a fair and comprehensive investigation may prevent the PDG giving specific details of the investigation. The Relevant Person should treat any information about the investigation as confidential.
If the PDG concludes that the Relevant Person has made false allegations deliberately, maliciously or with a view to personal gain, they may be subject to disciplinary action in accordance with the University’s disciplinary policies and procedures.
In the case of a disclosure where it is determined by the PDG that there is no prima facie case to answer, a summary of the disclosure shall be reported to the Governing Authority.
Following any investigation and subsequent decision made by a member of the PDG, a written report shall be submitted by the PDG to the Governing Authority containing the following information:
- a description of the disclosure and the findings of the investigation;
- the effect the disclosure had on the University, if any;
- the means of perpetrating the malpractice or impropriety;
- the measures taken to prevent a recurrence;
- the action required to strengthen future responses under this policy;
- a conclusion as to the way forward;
- whether any report has been made or is required to be made to any third party; &
- any other relevant material.
The PDG will also communicate in writing to the Reporting Person the final outcome of the investigation.
The PDG shall also determine whether the disclosure should be the subject of a referral under the University’s Anti-Fraud Policy and/or be notified to the following:
- the person who is the subject of the disclosure;
- the University’s insurers;
- An Garda S?ochána;
- any third party aligned with the University affected by the disclosure;
- the Higher Education Authority;
- the Department of Education and Skills; &
- any other relevant authority.
It is understandable that individuals who make disclosures are sometimes worried about possible repercussions. The University aims to encourage openness and will support Relevant Persons who raise genuine concerns under this policy, even if they turn out to be mistaken.
Relevant Persons who make disclosures under this policy must not suffer any detrimental treatment as a result of raising a concern. Detrimental treatment (often referred to as ‘penalisation’) includes, but is not limited to, the following:
- suspension, lay-off or dismissal
- demotion or loss of opportunity for promotion or training
- transfer of duties, change of location of place of work
- reduction in wages or change in working hours
- imposition or administering of any discipline or reprimand
- unfair treatment
- ostracism, coercion, intimidation, blacklisting or harassment
- discrimination or disadvantage
- injury, damage or loss (particularly in a social media, financial or reputational context)
- threat of reprisal
- negative performance assessments or employment references
- failure to convert a temporary employment contract into a permanent one
- early termination or cancellation of a contract for goods and/or services, or of a licence or permit
- psychiatric or medical referrals
- other unfavourable treatment connected with raising a concern.
It should be noted that those aspects of the above list which are designed to apply to workers (such as demotion, transfer of duties or reduction in wages etc.) will not be applicable to students.
If a Relevant Person believes that they have suffered any such detrimental treatment, they should immediately inform their line manager, Head of Unit or Head of School, where appropriate. It shall be the responsibility of the line manager, Head of Unit or Head of School to take the necessary actions in response to this complaint, in a timely fashion, which shall include referring the matter directly to the Deputy-President. In instances where the line manager, Head of Unit or Head of School is involved in the alleged penalisation, the Relevant Person should report the matter to the Deputy President in their role as Chair of the PDG or directly to the University President.
Workers or students must not threaten or retaliate against Relevant Persons who make disclosures under this policy in any way. If an individual is involved in such conduct they may be subject to disciplinary action.
However, where the University reasonably believes that a false disclosure is deliberately made, it may take appropriate action against individuals. However, the burden of proof to prove that an alleged act of penalisation did not occur because an individual has made a protected disclosure will rest with the University.
Any actions taken by the University with respect to University workers and students shall be initiated in accordance with the appropriate University regulations and disciplinary procedures, which may include (but are not restricted to) any of the following:
- The initiation of steps for implementation of the Dublin City University disciplinary procedures under Dublin City University Statute No. 5 of 2010: ‘Suspension and Dismissal of Employees’ leading to demotion or dismissal (relevant to Dublin City University employees only).
- The initiation of steps for implementation of the Dublin City University disciplinary procedures under the terms of the University Regulations for undergraduate or postgraduate students.
The University shall not tolerate or permit any form of detrimental treatment as a result of a disclosure of a reasonably held concern and shall take all appropriate action to support any Relevant Person who raises such a concern. Appropriate disciplinary action shall be taken in accordance with the appropriate University regulations and disciplinary procedures, against any worker or student who is found to have subjected a Relevant Person to penalisation for raising a concern under this policy.
The Deputy President shall maintain a record of all allegations received and investigations carried out under this policy by the PDG.
An Annual Report will be submitted to the University’s Governing Authority and will be published, not later than 30th June in each year, in relation to protected disclosures received by the University in the preceding calendar year. The Annual Report shall maintain the anonymity of all those involved and shall include information on the:
- numbers of protected disclosures made to the University;
- numbers of disclosures referred to another procedure;
- numbers of disclosures investigated by the PDG and not upheld or requiring further action;
- numbers of disclosures upheld; &
- actions (if any) taken in response to protected disclosures upheld.
The post holders named in this policy will have the roles and responsibilities that have been assigned to them as per the policy.
For further details on any aspect of this policy, please contact:
Office of the Chief Operations Officer
Tel: 01-7005117 / 8257
The Policy shall be reviewed by the University Executive as and when changes are required to follow best practice and relevant legislation.
|
Document Name |
Protected Disclosures Policy |
|
Unit Owner |
Office of the Chief Operations Officer |
|
Version Reference |
Version 2.0 |
|
Approved by |
Executive |
|
Effective Date |
October 4th 2022 |
Annual Report to the Governing Authority
Date: 30th June 2023
Prepared by: Office of the Chief Operations Officer on behalf of the DCU Protected Disclosures Group (PDG)
Context: As required by the University’s Protected Disclosures Policy, in each year on June 30th, the Deputy President, as Chair of the PDG, will notify the Governing Authority of any allegations received and investigations initiated under the Protected Disclosures Policy by way of a formal report. The schedule below summarises the position to date where the policy was invoked.
Schedule of items to be reported to the Governing Authority
|
Academic Year (i.e. October 1st to September 30th) |
No. of protected disclosures made to the University |
No. of disclosures referred to another procedure |
No. of disclosures investigated by the PDG and either not upheld or required further action |
No. of disclosures upheld |
Actions (if any) taken in response to protected disclosures upheld |
|
2013 – 2014 |
Nil |
Not Applicable |
Not Applicable |
Not Applicable |
Not Applicable |
|
2014 – 2015 |
Nil |
Not Applicable |
Not Applicable |
Not Applicable |
Not Applicable |
|
2015 – 2016 |
Nil |
Not Applicable |
Not Applicable |
Not Applicable |
Not Applicable |
|
2016 – 2017 |
Nil |
Not Applicable |
Not Applicable |
Not Applicable |
Not Applicable |
|
2017 – 2018 |
Nil |
Not Applicable |
Not Applicable |
Not Applicable |
Not Applicable |
|
2018 – 2019 |
One |
None |
One allegation investigated by the PDG but not upheld |
None |
No further action taken
|
|
2019 – 2020 |
Nil |
Not Applicable |
Not Applicable |
Not Applicable |
Not Applicable |
|
2020 – 2021 |
Nil |
Not Applicable |
Not Applicable |
Not Applicable |
Not Applicable |
|
2021 – 2022 |
Nil |
Not Applicable |
Not Applicable |
Not Applicable |
Not Applicable |
|
2022 – 2023 |
Two |
Not Applicable |
Pending |
To be determined |
To be determined |
|
|
|
|
|
|
|
TBC = To be confirmed
Note
The above schedule will be published on the DCU Website under the COO’s webpages in the Policies section.